package cn.com.ksplatform.modules.system.auth.loginmanager.controller;

import java.util.List;
import java.util.Set;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import cn.com.ksplatform.base.BaseController;
import cn.com.ksplatform.modules.system.auth.menumanager.model.PlatMenu;
import cn.com.ksplatform.modules.system.auth.menumanager.service.PlatMenuService;
import cn.com.ksplatform.modules.system.auth.parammanager.model.PlatParamItem;
import cn.com.ksplatform.modules.system.auth.parammanager.service.PlatParamItemService;
import cn.com.ksplatform.modules.system.auth.rolemanager.model.PlatRole;
import cn.com.ksplatform.modules.system.auth.rolemanager.service.PlatRoleService;
import cn.com.ksplatform.modules.system.auth.usermanager.model.PlatUser;
import cn.com.ksplatform.modules.system.auth.usermanager.service.PlatUserService;

@Controller
@RequestMapping("/modules/system/login")
public class LoginController extends BaseController{
	@Autowired
	PlatUserService userService;
	
	@Autowired
	PlatRoleService roleService;
	
	@Autowired
	PlatMenuService menuService;
	
	@Autowired
	PlatParamItemService paramItemService;
	
	@RequestMapping("doLogin")
	public String doLogin(String username,String password,HttpSession session,HttpServletRequest req,HttpServletResponse rep){
		//锁定
		int passerror = 0;
		Cookie ck = new Cookie("passerror", passerror+"");
		ck.setMaxAge(60000*30);
		
		
		boolean allow = true;
		int error = 0;
		int allowerror = 0;
		Cookie[] cookies =  req.getCookies();
		for(Cookie c : cookies){
			if(c.getName().equals("passerror")){
				ck = c;
				error = Integer.parseInt(c.getValue());
				PlatParamItem passError =  paramItemService.getParam("P_SYS_PASSERRORCNT");
				if(passError != null){
					allowerror = Integer.parseInt(passError.getEvalue());
				}else{
					//默认密码错误5次锁定
					allowerror = 5;
				}
				if(error >= allowerror){
					allow = false;
				}
			}
		}
		
		req.setAttribute("error",error);
		req.setAttribute("allowerror", allowerror);
		
		if(!allow){
			req.setAttribute("allowLogin", "false");
			return "view/modules/system/login";
		}
		
		PlatUser user = userService.queryUserByUserName(username);
		
		if(user != null && user.getPassWord().equalsIgnoreCase(password)){
			session.setAttribute(LoginCons.LOGIN_IP, req.getRemoteAddr());
			session.setAttribute(LoginCons.LOGIN_USER, user);
			//获取用户角色
			Set<PlatRole> role = user.getRoles();
			//调用size方法 让hibernate加载实际set 而不是代理对象
			role.size();
			session.setAttribute(LoginCons.LOGIN_ROLES, role);
			
			ck.setValue("0");
			rep.addCookie(ck);
			
			return "redirect:/navigation/go.do";
			
		}else{
			//密码错误
			passerror = (Integer.parseInt(ck.getValue())+1);
			ck = new Cookie("passerror", passerror+"");
			//有效期30分钟
			rep.addCookie(ck);
		}
		
		req.setAttribute("passerror", "true");
		return "view/modules/system/login";
	}
	
	
	private boolean allowLogin(HttpServletRequest req,HttpServletResponse rep){
		boolean allow = true;
		//判断账户是否锁定
		Cookie[] cookies =  req.getCookies();
		for(Cookie c : cookies){
			if(c.getName().equals("passerror")){
				int error = Integer.parseInt(c.getValue());
				int allowerror = Integer.parseInt(paramItemService.getParam("P_SYS_PASSERRORCNT").getEvalue());
				if(error >= allowerror){
					allow = false;
				}
			}
		}
		return allow;
	}
	
	@RequestMapping("tree")
	@ResponseBody
	public List<PlatMenu> tree(HttpSession session) throws Exception {
		Set<PlatRole> roleset = (Set<PlatRole>) session.getAttribute(LoginCons.LOGIN_ROLES);
		List<PlatMenu> menus= menuService.getMenus(roleset);
		return menus;
	}
	
	@RequestMapping("doLoginOut")
	public String doLoginOut(HttpSession session){
		session.invalidate();
		return "redirect:/";
	}
	
	@RequestMapping("setTheme")
	@ResponseBody
	public Object setTheme(String theme,HttpSession session){
		session.setAttribute("THEME", theme);
		return "0";
	}
}
